| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The VPN authentication functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (device reload) by sending many username-from-cert IKE requests, aka Bug ID CSCua91108. |
| The auto-update implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service (device reload) via crafted update data, aka Bug ID CSCui33308. |
| The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899. |
| The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386. |
| The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590. |
| Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. |
| The Secure Shell (SSH) implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly terminate sessions, which allows remote attackers to cause a denial of service (SSH service outage) by repeatedly establishing SSH connections, aka Bug IDs CSCue63881, CSCuf51892, CSCue78671, and CSCug26937. |
| The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295. |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911. |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592. |
| The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted description, aka Bug ID CSCtq50523. |
| Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack overflow and device reload) by using the clientless SSL VPN portal for internal-resource browsing, aka Bug ID CSCui51199. |
| Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a large volume of (1) SSL or (2) TLS traffic, aka Bug ID CSCuh19462. |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP inspection is enabled, create many identical pre-allocated secondary pinholes, which might allow remote attackers to cause a denial of service (CPU consumption) via crafted SIP traffic, aka Bug ID CSCtz63143. |
| Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html. |
| Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775. |
| The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packets, aka Bug ID CSCub98434. |
| The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401. |
| Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753. |
| Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627. |
